As the CEO of a public InfoSec company I have a variety of news sources. One of these is called '"The Information" which covers in-depth tech stories usually earlier than anywhere else. Reporter Aaron Holmes just published an article that is an eye opener for sure. You saw the title and are reading this, so I think you agree. Here is a short extract and I recommend you reading the whole article, link is below. It's great budget ammo for security awareness training.
They started out with: "Can you imagine going without flood insurance if you lived alongside a river? That’s what is happening in corporate America nowadays, as skyrocketing cyberinsurance premiums prompt more companies to go without traditional cyber insurance even as ransomware and other digital hacks surge.
'Hammered With Losses due to Ransomware'
"Last year cyber insurance premiums in the U.S. spiked 74%, according to data from S&P Global Market Intelligence, even as insurers narrow what they’ll cover. As a result, some customers are balking. Major software firms and retailers have either nixed or are considering ditching cyber insurance, according to security and insurance executives. Banking giant JPMorgan Chase, for instance, has reduced the amount of cybersecurity insurance it buys from major underwriters, according to people with direct knowledge of the situation.
"Cyber insurers have no choice but to raise prices and decrease coverage, said Michael Phillips, chief claims officer at Resilience, a cyber insurance broker for midsize businesses. “The ransomware epidemic has become so severe that the profitability of many of the insurers who write cyber insurance is being threatened,” Phillips said.
Link to full article: